Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,071
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If... Moderate Unreviewed
CVE-2020-36196 was published May 24, 2022
This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004. Moderate Unreviewed
CVE-2021-28803 was published May 24, 2022
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient... Moderate Unreviewed
CVE-2021-39348 was published May 24, 2022
Cross-site Scripting vulnerability in repository issue list in Gogs Moderate
CVE-2022-31038 was published for gogs.io/gogs (Go) Jun 8, 2022
wuhan005
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been... Moderate Unreviewed
CVE-2019-25070 was published Jun 10, 2022
A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05... Moderate Unreviewed
CVE-2018-25034 was published Jun 13, 2022
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This... Moderate Unreviewed
CVE-2017-20113 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue... Moderate Unreviewed
CVE-2017-20115 was published Jun 30, 2022
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This... Moderate Unreviewed
CVE-2017-20114 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic.... Moderate Unreviewed
CVE-2017-20116 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2017-20118 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2017-20117 was published Jun 30, 2022
A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic.... Moderate Unreviewed
CVE-2017-20140 was published Jul 23, 2022
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600... Moderate Unreviewed
CVE-2022-36325 was published Aug 11, 2022
HTML Injection in ActiveMQ Artemis Web Console Moderate
CVE-2022-35278 was published for org.apache.activemq:artemis-server (Maven) Aug 24, 2022
Twisted vulnerable to NameVirtualHost Host header injection Moderate
CVE-2022-39348 was published for twisted (pip) Oct 26, 2022
westonsteimel
A vulnerability, which was classified as problematic, was found in Webmin. Affected is an unknown... Moderate Unreviewed
CVE-2022-3844 was published Nov 3, 2022
Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown Moderate
GHSA-755v-r4x4-qf7m was published for org.keycloak:keycloak-core (Maven) Nov 29, 2022
jxn0
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages... Moderate Unreviewed
CVE-2022-28703 was published Dec 15, 2022
HTML Injection in Keycloak Admin REST API Moderate
CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload Moderate
CVE-2023-26046 was published for github.com/kitabisa/teler-waf (Go) Mar 1, 2023
aidilarf
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44196 was published Mar 7, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44197 was published Mar 7, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-1013 was published Mar 30, 2023
The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized... Moderate Unreviewed
CVE-2023-29112 was published Apr 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database